Data Security

Phishing and smishing: How these cyber-attacks work (and how to prevent them)

By Mark Grainger 25 January 2021

Cybercrime is on the up, with 46% of UK businesses reporting a security breach in the past year, according to a UK Government survey. The COVID-19 pandemic has contributed to this rise, with cybercriminals quick to capitalise on disruption to normal working practices.

Modern cybercrimes are sophisticated operations, many of which involve teams of coders, call centre workers, data miners and even money laundering specialists. It’s down to individual organisations to use the right technology to safeguard against fraud.

Let’s look at 2 common scams and what you can do to prevent them.

What are phishing and smishing?

Phishing is where criminals try to steal personal identity information, financial account credentials or other valuable data by posing as a legitimate company. For financial institutions, this might take the form of emails linking to a fake website that looks exactly like the bank’s. From there, victims are enticed to enter highly personal data such as ID, account details or security codes. Criminals then use those details to make purchases. Phishing continues to be among the most effective ways to attack, with a new phishing site launching every 20 seconds.

Smishing is a subset of phishing where the attack is carried out via social media and SMS rather than email. These are effective channels for criminals because text messages have an incredibly high open rate (90% are read within three minutes).

Customers may receive a text, allegedly from their bank, saying that a suspicious purchase was made with their credit card. The message asks them to contact the bank, but gives a fake number. When the customer calls, they’re asked to give out confidential information, such as their user ID and / or passcode, to cancel the purchase, which criminals then use to commit fraud.

Technology that protects against phishing and smishing

In our 2021 technology trends and predictions blog, we talked about the need for security controls to be built into everyday interactions. Put simply, tighter security will increasingly become part of our new normal.

As much as all sectors suffer from cybercrime and fraud, financial services – particularly banking – tend to be hit hardest. Unauthorised financial fraud losses across payment cards, remote banking and cheques totalled £824.8 million in 2019. With payment cards accounting for the highest fraud loss by type (a sizable 48%), it’s crucial that providers invest in advanced security systems. The industry is already proactively using technology in this fight, with multi-factor authentication becoming standard. We can expect more collaboration between banks and mobile network operators in 2021 to ensure greater security for consumers.

Solutions like real-time transaction analysis and behavioural biometrics are no longer just nice-to-haves — they’re becoming essential, especially with regulatory requirements such as PSD2 driving ongoing change. These are capable of analysing billions of customer interactions in real-time. When teamed with additional information (e.g. device ID, location or behavioural data), the technology allows banks to build a picture of each customer, making it easier to identify unusual (and potentially fraudulent) activity immediately.

Security and customer experience go hand in hand

Rather than being inconvenienced by extra authentication layers, customers are more likely to see them as evidence you take their security seriously. And they’re likely to be wary of businesses that fall behind.

While spotting suspicious messages and resisting the temptation to click is largely up to the individual, consumers need to know companies are keeping their end of the bargain, too. And that means investing strategically in technology that protects customers – and keeps you a step ahead of the cybercriminals.

Learn how Engage Hub can support you and your business with cross-channel fraud management. Take a look at our latest solution video to learn more or get in touch to speak to an expert today. 

See other posts by Mark Grainger

VP Sales

For more than ten years, Mark Grainger has been a key player in customer engagement solutions by helping enterprises amplify their marketing activities using the latest technology. With extensive experience gained in the marketing services industry, he specialises in SMS and mobile marketing in order to achieve maximum brand penetration whilst delivering an unforgettable customer experience.

Generated with Avocode.FontAwsome (linkedin-in)